package com.kingyea.mobilepolice.permission.controller;

import com.kingyea.mobilepolice.permission.bean.Permission;
import com.kingyea.mobilepolice.permission.bean.PermissionCondition;
import com.kingyea.mobilepolice.permission.bean.PermissionPo;
import com.kingyea.mobilepolice.permission.service.PermissionService;
import com.kingyea.mobilepolice.security.SecurityUtils;
import com.kingyea.mobilepolice.system.Result;
import com.kingyea.mobilepolice.system.StateCode;
import com.kingyea.mobilepolice.util.ExceptionConditions;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.web.bind.annotation.*;

import java.util.List;

/**
 * @author Mr.Lin
 * @version v1.0.0
 * @description Permission 控制层
 * @date Created in 2018-03-30 15:27:53
 */
@RequestMapping(value = "/permission")
@RestController
public class PermissionController {

    private static final Logger LOGGER = LoggerFactory.getLogger(PermissionController.class);

    @Autowired
    private PermissionService permissionService;

    /**
     * @Description: 查询全部
     * @Param: [condition]
     * @return: java.util.List<com.kingyea.mobilepolice.permission.bean.Permission>
     * @Author: cxc
     * @Date: 2018.04.09 14:49
     */
//    @PreAuthorize("hasAuthority('query-permission') || #oauth2.hasScope('ui')")// 所有 管理员 都能查
    @PostMapping("/search")
    public Result<List<Permission>> list(@RequestBody PermissionCondition condition) {
        SecurityUtils.getCurrentUser();
        return new Result<>(permissionService.search(condition));
    }

    @PostMapping("/myPermissions")
    public Result<List<Permission>> myPermissions() {
        return new Result<>(permissionService.myPermissions(SecurityUtils.getCurrentUser().getUserId()));
    }

    /**
     * 通过ID查找对象
     *
     * @param roleId
     * @return
     */
    @PostMapping("/searchByRoleId/{roleId}")
    public Result<List<Permission>> detail(@PathVariable("roleId") Integer roleId) {
        return new Result<>(permissionService.searchByRoleId(roleId));
    }

    /**
     * @Description: 更新角色的资源权限，先删除所有后插入新数据
     * @Param: [po] roleId permissionIdList
     * @return: java.lang.Object
     * @Author: cxc
     * @Date: 2018.04.09 15:37
     */
    @PreAuthorize("hasAuthority('add-permission-for-role')")
    @PostMapping("/addForRole")
    public Object addPermissionsForRole(@RequestBody PermissionPo po) {
        ExceptionConditions.checkNotNull(po, StateCode.NO_ARGUMENT_ERROR);
        ExceptionConditions.checkNotNull(po.getRoleId(), StateCode.NO_ARGUMENT_ERROR);
        ExceptionConditions.checkNotNull(po.getPermissionIds(), StateCode.NO_ARGUMENT_ERROR);
        return permissionService.addPermissionsForRoleId(po);
    }

    /**
     * @Description: 删除角色的资源权限
     * @Param: [po]
     * @return: java.lang.Object
     * @Author: cxc
     * @Date: 2018.04.09 15:40
     */
    @PreAuthorize("hasAuthority('del-permission-for-role')")
    @PostMapping("/delForRole")
    public Object deletePermissionsForRole(@RequestBody PermissionPo po) {
        ExceptionConditions.checkNotNull(po, StateCode.NO_ARGUMENT_ERROR);
        ExceptionConditions.checkNotNull(po.getRoleId(), StateCode.NO_ARGUMENT_ERROR);
        return permissionService.delPermissionsForRoleId(po);
    }

}
